P
US11516118B2ActiveUtilityPatentIndex 49

Methods and nodes for enabling management of traffic

Assignee: ERICSSON TELEFON AB L MPriority: May 8, 2018Filed: Jun 4, 2018Granted: Nov 29, 2022
Est. expiryMay 8, 2038(~11.8 yrs left)· nominal 20-yr term from priority
Inventors:CAÑETE MARTINEZ ANTONIOPEREZ MARTINEZ ALFONSO DE JESUSMUÑOZ DE LA TORRE ALONSO MIGUEL ANGEL
H04L 45/38H04L 47/2441H04L 45/52H04L 45/3065H04L 45/34H04W 80/08H04L 61/4511H04L 69/329H04L 69/326
49
PatentIndex Score
0
Cited by
14
References
22
Claims

Abstract

A method, an operator network (101) and nodes (120, 140, 160) for managing trafficare disclosed. The network exposure node (160) receives (A010) a Packet Flow Description (PFD) rule for a server application (190). The PFD rule comprises one or more protocol parameters for classification of traffic using a protocol related to said one or more protocol parameters. The one or more protocol parameters comprise for example an indication relating to common names (CNS), an indication relating to a domain name system (DNS) domain name, a server name indication (SNI), an indication relating to fraud prevention, an indication relating to a server IP address. The network exposure node (160)transmits (A020) the PFD rule to the session node (140), which transmits (A040), towards the user data node (120), a management request comprising the PFD rule. The user data node (120) receives (A080), from the client application (115), traffic destined to the server application (190). The user data node (120) classifies (A090) the traffic in accordance with the PFD rule. The user data node (120) enforces (A100) actions for the classified traffic. Corresponding computer programs (603, 803, 003) and computer program carriers (605, 805, 1005) are also disclosed.

Claims

exact text as granted — not AI-modified
The invention claimed is: 
     
       1. A method, performed by a user data node, for managing traffic between a client application running in a communication device and a server application hosted by an application node, the method comprising:
 receiving, from a session node, a management request comprising a Packet Flow Description (PFD) rule for the server application, wherein the PFD rule comprises a packet flow description identifier and one or more protocol parameters for classification of traffic using a protocol related to said one or more protocol parameters, wherein the one or more protocol parameters comprise one or more of:
 an indication relating to common names (CNS), 
 a server name indication (SNI), wherein the SNI is used as a domain name, 
 an indication relating to HTTP-host, 
 an indication relating to HTTP-user-agent, 
 an indication relating to HTTP-content-type, 
 an indication relating to HTTP-GET, 
 an indication relating to HTTP-POST, 
 an indication relating to HTTP-PUT, 
 an indication relating to HTTP-PATCH, or 
 an indication relating to HTTP-Response-Codes; 
 
 receiving, from the client application, traffic destined to the server application; 
 classifying the traffic in accordance with the PFD rule, whereby classified traffic is obtained; and 
 enforcing actions for the classified traffic, wherein the actions are based on the PFD rule. 
 
     
     
       2. The method of  claim 1 , wherein the PFD rule comprises a protocol identifier for identification of the protocol related to said one or more protocol parameters. 
     
     
       3. The method of  claim 1 , wherein the indication relating to the server IP address further relates to a server port at OSI protocol stack layer 4 and/or layer 7. 
     
     
       4. The method of  claim 1 , wherein said one or more protocol parameters comprise the indication of a DNS domain name, and the method further comprises:
 obtaining, from a domain name node, a server IP address corresponding to the indication of the DNS domain name; 
 receiving, from the client application, further traffic identified by a destination IP address and a specific domain name; and 
 verifying that the destination IP address and the specific domain name match the obtained server IP address, before transmitting the further traffic towards the server application. 
 
     
     
       5. The method of  claim 1 , wherein the method further comprises:
 triggering, from the client application toward the user data node, a PDU session establishment procedure, and 
 starting, from the client application, the traffic destined to the server application. 
 
     
     
       6. The method of  claim 1 , wherein the PFD rule comprises at least one of: a PFD version, a PFD origin, an MNO identifier identifying the mobile network operator for which the PFD rule applies, or configuration information. 
     
     
       7. A method, performed by a network exposure node, for enabling management of traffic between a client application running in a communication device and a server application hosted by an application node, the method comprising:
 receiving, from the application node, a Packet Flow Description (PFD) rule for the server application, wherein the PFD rule comprises a packet flow description identifier and one or more protocol parameters for classification of traffic using a protocol related to said one or more protocol parameters, wherein the one or more protocol parameters comprise one or more of:
 an indication relating to common names (CNS), 
 a server name indication (SNI), wherein the SNI is used as a domain name, 
 an indication relating to HTTP-host, 
 an indication relating to HTTP-user-agent, 
 an indication relating to HTTP-content-type, 
 an indication relating to HTTP-GET, 
 an indication relating to HTTP-POST, 
 an indication relating to HTTP-PUT, 
 an indication relating to HTTP-PATCH, or 
 an indication relating to HTTP-Response-Codes; and 
 
 transmitting, towards a session node, the PFD rule. 
 
     
     
       8. The method of  claim 7 , wherein the PFD rule comprises a protocol identifier for identification of the protocol related to said one or more protocol parameters. 
     
     
       9. The method of  claim 7 , wherein the indication relating to the server IP address further relates to a server port at OSI protocol stack layer 4 and/or layer 7. 
     
     
       10. The method of  claim 7 , wherein the PFD rule comprises at least one of a PFD version, a PFD origin, an MNO identifier identifying the mobile network operator for which the PFD rule applies, and configuration information. 
     
     
       11. A user data node is configured for managing traffic between a client application running in a communication device and a server application hosted by an application node, wherein the user data node is configured for:
 receiving, from a session node, a management request comprising a Packet Flow Description (PFD) rule for the server application, wherein the PFD rule comprises a packet flow description identifier and one or more protocol parameters for classification of traffic using a protocol related to said one or more protocol parameters, wherein the one or more protocol parameters comprise one or more of:
 an indication relating to common names (CNS), 
 a server name indication (SNI), wherein the SNI is used as a domain name, 
 an indication relating to HTTP-host, 
 an indication relating to HTTP-user-agent, 
 an indication relating to HTTP-content-type, 
 an indication relating to HTTP-GET, 
 an indication relating to HTTP-POST, 
 an indication relating to HTTP-PUT, 
 an indication relating to HTTP-PATCH; and 
 an indication relating to HTTP-Response-Codes; 
 
 receiving, from the client application, traffic destined to the server application; 
 classifying the traffic in accordance with the PFD rule, whereby classified traffic is obtained; and 
 enforcing actions for the classified traffic, wherein the actions are based on the PFD rule. 
 
     
     
       12. The user data node of  claim 11 , wherein the PFD rule comprises a protocol identifier for identification of the protocol related to said one or more protocol parameters. 
     
     
       13. The user data node of  claim 11 , wherein the indication relating to the server IP address further relates to a server port at OSI protocol stack layer 4 and/or layer 7. 
     
     
       14. The user data node of  claim 11 , wherein said one or more protocol parameters comprise the indication of a DNS domain name, and the user data node is configured for:
 obtaining, from a domain name node, a server IP address corresponding to the indication of the DNS domain name; 
 receiving, from the client application, further traffic identified by a destination IP address and a specific domain name; and 
 verifying that the destination IP address and the specific domain name match the obtained server IP address, before transmitting the further traffic towards the server application. 
 
     
     
       15. The user data node of  claim 11 , wherein the method further comprises:
 triggering, from the client application toward the the user data node, a PDU session establishment procedure, and 
 starting, from the client application, the traffic destined to the server application. 
 
     
     
       16. The user data node of  claim 11 , wherein the PFD rule comprises at least one of a PFD version, a PFD origin, an MNO identifier identifying the mobile network operator for which the PFD rule applies, and configuration information. 
     
     
       17. A network exposure node is configured for enabling management of traffic between a client application running in a communication device and a server application hosted by an application node, wherein the network exposure node is configured for:
 receiving, from the application node, a Packet Flow Description (PFD) rule for the server application, wherein the PFD rule comprises a packet flow description identifier and one or more protocol parameters for classification of traffic using a protocol related to said one or more protocol parameters, wherein the one or more protocol parameters comprise one or more of: 
 an indication relating to common names (CNS), 
 a server name indication (SNI), wherein the SNI is used as a domain name, 
 an indication relating to HTTP-host, 
 an indication relating to HTTP-user-agent, 
 an indication relating to HTTP-content-type, 
 an indication relating to HTTP-GET, 
 an indication relating to HTTP-POST, 
 an indication relating to HTTP-PUT, 
 an indication relating to HTTP-PATCH, or 
 an indication relating to HTTP-Response-Codes; and 
 transmitting, towards a session node, the PFD rule. 
 
     
     
       18. The network exposure node of  claim 17 , wherein the PFD rule comprises a protocol identifier for identification of the protocol related to said one or more protocol parameters. 
     
     
       19. The network exposure node of  claim 17 , wherein the indication relating to the server IP address further relates to a server port at OSI protocol stack layer 4 and/or layer 7. 
     
     
       20. The network exposure node of  claim 17 , wherein the PFD rule comprises at least one of a PFD version, a PFD origin, an MNO identifier identifying the mobile network operator for which the PFD rule applies, and configuration information. 
     
     
       21. The method of  claim 1 , wherein
 the one or more protocol parameters comprises an indication relating to CNS, and 
 the indication relating to CNS comprises a regular expression for identifying a set of Common Names. 
 
     
     
       22. The method of  claim 1 , wherein
 the one or more protocol parameters comprises an indication relating to SNI, and 
 the indication relating to SNI comprises a regular expression for identifying a set of sever names.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.